D4rkz3rO

D4rkz3rO's Stars

• dafthack/GraphRunner

  A Post-exploitation Toolset for Interacting with the Microsoft Graph API

  Language:PowerShell1k120

• anrbn/GATOR

  GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments

  Language:Python899

• Orange-Cyberdefense/LinikatzV2

  linikatz is a tool to attack AD on UNIX

  Language:Shell14213

• franc-pentest/ldeep

  In-depth ldap enumeration utility

  Language:Python45351

• lutzenfried/Methodology

  41969

• AD-Security/AD_Miner

  AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

  Language:JavaScript1.2k127

• invictus-ir/Invictus-AWS

  A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of incident response.

  Language:Python18515

• EntySec/Ghost

  Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

  Language:Python2.9k966

• g0ldencybersec/CloudRecon

  Language:Go46748

• nyxgeek/guestlist

  tool for identifying guest relationships between companies

  Language:Python843

• jsa2/AADAppAudit

  Microsoft Entra ID App Audit Solution (AADAppAudit)

  Language:JavaScript8211

• HackmichNet/AzTokenFinder

  Language:C#10611

• BishopFox/iam-vulnerable

  Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.

  Language:HCL49385

• tenable/cnappgoat-scenarios

  This repository provides a comprehensive collection of Pulumi scenarios utilized by cnappgoat

  Language:Go2015

• tenable/cnappgoat

  CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.

  Language:Go27331

• toniblyx/my-arsenal-of-aws-security-tools

  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

  Language:Shell9.1k1.5k

• Netflix-Skunkworks/policyuniverse

  Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.

  Language:Python42961

• PankajMoolrajani/PermCutter

  Spec and Sample code for Identifying and Reducing Permission Explosion

  Language:Jupyter Notebook11

• salesforce/cloudsplaining

  Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

  Language:JavaScript2k189

• NetSPI/FuncoPop

  Tools for attacking Azure Function Apps

  Language:PowerShell686

• talmaor/AzureADLateralMovement

  Lateral Movement graph for Azure Active Directory

  Language:C#12222

• Pyr0sec/IAMagic

  Advanced AWS Access Credentials Scanner ⚡

  Language:Python102

• leechristensen/RequestAADRefreshToken

  Language:C#12623

• redhuntlabs/BucketLoot

  BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

  Language:Go40056

• foxlox/GIUDA

  Ask a TGS on behalf of another user without password

  Language:Pascal46768

• zblurx/dploot

  DPAPI looting remotely and locally in Python

  Language:Python44157

• anirudhbiyani/findmytakeover

  find dangling domains in a multi cloud environment

  Language:Python14011

• RhinoSecurityLabs/IAMActionHunter

  An AWS IAM policy statement parser and query tool.

  Language:Python17313

• primeharbor/sensitive_iam_actions

  Crowdsourced list of sensitive IAM Actions

  Language:Python1417

• WithSecureLabs/awspx

  A graph-based tool for visualizing effective access and resource relationships in AWS environments.

  Language:Python935101